Digital Forensics Module 12
Orthogonal Frequency Division Multiplexing (OFDM)
A 4g technology that uses numerous parallel carriers instead of a single broad carrier and is less susceptible to interference.
Telecommunications Industry Association (TIA)
A U.S. trade association representing hundreds of telecommunications companies that works to establish and maintain telecommunications standards
Global System for Mobile Communications (GSM)
A second-generation cellular network standard; currently the most used cellular network in the world
Electronically Erasable Programmable Read-Only Memory (EEPROM)
A type of nonvolatile memory that can be reprogrammed electrically, without having to physically access or remove the chip
Code Division Multiple Access (CDMA)
A widely used digital cell phone technology that makes use of spread-spectrum modulation to spread the signal across a wide range of frequencies
- Isolate the Device from the Network - Disable the screen lock - Remove the passcode
According to SANS DFIR Forensics, which of the following tasks should you perform if a mobile device is on and unlocked? A. Isolate the device from the network B. Disable the screen lock C. Remove the passcode D. Attempt to do a physical acquisition
Enhanced Data GSM Environment (EDGE)
An improvement to GSM technology that enables it to deliver higher data rates
International Telecommunication Union (ITU)
An international organization dedicated to creating telecommunications standards.
- Airplane Mode - Paint can with radio wave blocking paint - multiple antistatic bags -faraday cage
Describe 2 ways you can isolate a mobile device from incoming signals
SIM and ME(Mobile Equipment)
GSM divides a mobile station into ____ and _____
Riley v. California
In which case did the U.S. Supreme Court require using a search warrant to examine the contents of mobile devices?
- Internal Memory - SIM Card - Removable Storage - Servers
List 4 places where mobile device information might be stored
Smartphones
Mobile telephones with more features than a traditional phone has, including a camera, an e-mail client, a Web browser, a calendar, contact management software, an instant-messaging program, and more.
3
Most SIM cards allow _____ access attempts before locking you out
Subscriber Identity Module Cards (SIM)
Removable cards in GSM phones that contain information for identifying subscribers. They can also store other information, such as messages and call history
64 GB
SD cards have a capacity up to which of the following? A. 100 MB B. 4 MB C. 64 GB D. 500 MB
True
SIM card readers can alter evidence by showing that a message has been read when you view it. True or False?
Radio Frequency Identification Sensors (RFID)
The Internet of Things includes _____ as well as wired, wireless, and mobile devices
Fifth Generation (5G)
The coming generation of mobile device standards, expected to be finalized in 2020
Fourth-Generation (4G)
The current generation of mobile phone standards, with technologies that improved speed and accuracy.
third-Generation (3G)
The preceding generation of mobile phone standards and technology; had more advanced features and faster data rates than the older analog and personal communications service (PCS) technologies
Time Division Multiple Access (TDMA)
The technique of dividing a radio frequency into time slots, used by GSM networks; also refers to a cellular network standard covered by Interim Standard (IS) 136
a technique of dividing a radio frequency so that multiple users share the same channel
The term TDMA refers to which of the following? A. A technique for dividing a radio frequency so that multiple users share the same channel B. A proprietary protocol developed by Motorola C. A specific cellular network standard D. A technique of spreading the signal across many channels
False
The uRLLC 5G category focuses on communications in smart cities. True or False?
True
Typically, you need a search warrant to retrieve information from a service provider. True or False?
GSM
What's the most commonly used cellular network worldwide?
False
When acquiring a mobile device at an investigation scene, you should leave it connected to a laptop or tablet so that you can observe synchronization as it takes place. True or False?
-Call Data - Service-related data
Which of the following categories of information is stored on a SIM card? A. Volatile memory B. Call data C. Service-related Data D. None of the above
- Logical Extraction - Physical Extraction - Hex Dumping
Which of the following is a mobile forensics method listed in NIST guidelines? A. Logical Extraction B. Bilateral Read C. Physical Extraction D. Hex dumping
MSC
Which of the following relies on a central database that tracks account data, location data, and subscriber information? A. BTS B. MSC C. BSC D. None of the above
- Removing account information - Returning the phone to the original factory settings - Deleting contacts
remote wiping of a mobile device can result in which of the following? A. Removing account information B. Enabling a GPS beacon to track the thief C. Returning the phone to the original factory settings D. Deleting Contacts
